R2511-HP MSR Router Series Security Command Reference(V5)
469
Usage guidelines
If no MAC address is specified in the undo arp anti-attack source-mac exclude-mac command, all
excluded MAC addresses are removed.
Examples
# Exclude a MAC address from source MAC-based ARP attack detection.
<Sysname> system-view
[Sysname] arp anti-attack source-mac exclude-mac 2-2-2
arp anti-attack source-mac threshold
Use arp anti-attack source-mac threshold to configure the threshold for source MAC-based ARP attack
detection. If the number of ARP packets from a MAC address within 5 seconds exceeds this threshold, the
device recognizes this as an attack.
Use undo arp anti-attack source-mac threshold to restore the default.
Syntax
arp anti-attack source-mac threshold threshold-value
undo arp anti-attack source-mac threshold
Default
The threshold for source MAC-based ARP attack detection is 50.
Views
System view
Default command level
2: System level
Parameters
threshold-value: Specifies the threshold for source MAC-based ARP attack detection. The value range is
10 to 100.
Examples
# Configure the threshold for source MAC-based ARP attack detection as 30.
<Sysname> system-view
[Sysname] arp anti-attack source-mac threshold 30
display arp anti-attack source-mac
Use display arp anti-attack source-mac to display ARP attack entries detected by source MAC-based
ARP attack detection.
Syntax
display arp anti-attack source-mac [ interface interface-type interface-number ] [ | { begin | exclude |
include } regular-expression ]
Views
Any view